Welcome to WebmasterWorld Guest from

Forum Moderators: buckworks

Message Too Old, No Replies

OSCommerce Security

... how safe is it?



8:00 am on Sep 6, 2006 (gmt 0)

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member

I have a PHP developer who installs OSCommerce packages for me. It's a great system and the sites have all turned out well. I don't do much PHP myself and while we have not had any problems I am not sure how safe the sites are.

Can anyone offer advice on how secure OSCommerce really is? Is there a continuing update process that we should be using and if so do you charge your clients for this?


8:43 am on Sep 6, 2006 (gmt 0)

10+ Year Member

There was a new security rollup released recently for osCommerce 2.2 Milestone 2 (the standard release for the last few years).

You should look at applying this rollup. The code changes aren't too bad, and there are diff/patch files available if you're familiar with automated patching tools - this makes the process pretty painless.

I'm about to patch up a bunch of my shops - but need to sort out charging the clients that don't have maintenance or don't put much business our way.


8:45 am on Sep 6, 2006 (gmt 0)

10+ Year Member

Oh, forgot the useful link...

Text details of changes to files is here:

If you want to download the full package then grab it (which includes the patch/diff files) from here:


Featured Threads

Hot Threads This Week

Hot Threads This Month